Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
Vulnerability / Endpoint Security A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven differ ... Read more
-
InfoSec Write-ups
HTB — Busqueda
HTB — BusquedaPhoto by Duncan Meyer on UnsplashAbout the machineBusqueda is an Easy Difficulty Linux machine that involves exploiting a command injection vulnerability present in a Python module. By l ... Read more
-
Daily CyberSecurity
CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103)
CrushFTP, a popular file transfer server, is facing increased scrutiny following the discovery of two significant security vulnerabilities. The vulnerabilities, identified as CVE-2025-32102 and CVE-20 ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
Daily CyberSecurity
Browser Wallet Flaws Allow Silent Crypto Drains Without User Interaction
Image: Coinspect A recent report by Coinspect has revealed critical vulnerabilities in popular browser wallets, raising significant concerns about the security of cryptocurrency holdings. The report w ... Read more
-
Daily CyberSecurity
CVE-2025-24859 (CVSSv4 10): Apache Roller Flaw Exposes Blogs to Unauthorized Access
A security vulnerability has been identified in Apache Roller, a Java-based blog server, that could allow unauthorized access to affected blog sites. The vulnerability, tracked as CVE-2025-24859 (CVSS ... Read more
-
Daily CyberSecurity
Vulnerabilities in Solar Power Systems Threaten Power Grids
Image: Forescout A new report by Forescout reveals critical vulnerabilities in solar power systems that could be exploited to destabilize power grids. The report, titled “SUN:DOWN,” analyzes the secur ... Read more
-
Daily CyberSecurity
China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign
A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN appliances. The report details how a China-nexus Advanced Persistent Threat (APT) grou ... Read more
-
The Register
Don't delete that mystery empty folder. Windows put it there as a security fix
Canny Windows users who've spotted a mysterious folder on hard drives after applying last week's security patches for the operating system can rest assured – it's perfectly benign. In fact, it's recom ... Read more